Approach for deleting electronic documents on network devices using document retention policies

ABSTRACT

An approach is provided for deleting electronic documents on network devices using a document retention policy. The document retention policy specifies one or more deletion criteria for documents belonging to each of a plurality of document classifications. The document retention policy is defined by document retention policy data that is managed by a document retention policy manager. The document retention policy manager disseminates the document retention policy data to network elements over a communications network. The document retention policy manager determines whether a retention policy audit should be performed and if so, signals the network elements to conduct a retention policy audit. The network elements are configured to conduct the retention policy audit by deleting electronic documents in accordance with the document retention policy. The network elements are further configured to generate and provide to the document retention policy manager report data that indicates results of performing the retention policy audit.

FIELD OF THE INVENTION

This invention relates generally to electronic document management, andmore specifically, to an approach for deleting electronic documents onnetwork devices using document retention policies.

BACKGROUND

The approaches described in this section are approaches that could bepursued, but not necessarily approaches that have been previouslyconceived or pursued. Therefore, unless otherwise indicated, theapproaches described in this section may not be prior art to the claimsin this application and are not admitted to be prior art by inclusion inthis section.

Many businesses have implemented document retention policies to defineconditions under which documents are to be destroyed. Businessestypically destroy documents to reduce costs attributable to maintainingold documents and to reduce potential legal liability. Documentretention policies may apply to physical documents as well as electronicdocuments.

One of the problems with document retention policies is the difficultyin uniformly applying a document retention policy to all copies of aparticular document. For example, a document retention policy mayspecify the destruction of a particular document after a specified time.Some copies of the particular document may be readily obtained anddestroyed. Other copies of the particular document may exist but may bedifficult to locate. For example, copies of the particular document mayhave been sent to remote storage and may be difficult, if notimpossible, to locate. In other situations, the existence of some copiesof the particular document may not even be known. This may occur, forexample, if copies of the particular document were made, but no recordwas made documenting that the copies were made. This can be potentiallydamaging if the unknown copies are later discovered in litigation by anadverse party. Furthermore, in some situations, adverse inferences maybe drawn when only select copies of electronic documents are deleted.This problem is particularly acute for electronic documents, where manycopies of a particular electronic document may be unknowingly made andstored at intermediate network node locations. As a result of thisproblem, document management systems have been developed to implementdocument retention policies for electronic documents. The effectivenessof these systems necessarily depends upon knowing about the existence ofall copies of electronic documents and the locations of those copies.With the proliferation of wired and wireless networks, the manydifferent types of network devices, e.g., computers, hand-held devices,personal digital assistants (PDAs), and the many different forms ofelectronic documents, e.g., email and messages, it is increasinglydifficult to track the existence and location of all copies of anelectronic document.

Based on the foregoing, there is a need for an approach for deletingelectronic documents on network devices that does not suffer fromlimitations of prior approaches.

SUMMARY

An approach is provided for deleting electronic documents on networkdevices using a document retention policy. The document retention policyspecifies one or more deletion criteria for documents belonging to eachof a plurality of document classifications. For example, the documentretention policy may specify that documents belonging to a particulardocument classification are to be deleted after a specified time, at aspecified time or in response to the occurrence of a particular event.The document retention policy is defined by document retention policydata that is managed by a document retention policy manager. Thedocument retention policy manager disseminates the document retentionpolicy data to one or more network elements over a communicationsnetwork. The document retention policy manager determines whether aretention policy audit should be performed. If so, then the documentretention policy manager signals the one or more network elements toconduct a retention policy audit. The network elements are configured toconduct the retention policy audit by deleting electronic documents inaccordance with the document retention policy. The one or more networkelements are further configured to generate and provide to the documentretention policy manager report data that indicates results ofperforming the retention policy audit.

According to one aspect of the invention, a computer-implemented methodis provided for deleting electronic documents on network devices.Document retention policy data is retrieved that specifies one or moredeletion criteria for each of a plurality of electronic documentclassifications. The document retention policy data is transmitted toone or more network devices over a communications network. Adetermination is made whether a retention policy audit should beconducted. If the retention policy audit should be conducted, then theone or more network devices are signaled to cause the one or morenetwork devices to perform the retention policy audit. Performing theretention policy audit includes identifying, from the plurality ofelectronic document classifications, one or more electronic documentclassifications for which the corresponding one or more deletioncriteria are satisfied and deleting one or more electronic documentsassociated with the identified one or more electronic documentclassifications. Audit report data is received from the one or morenetwork devices that indicate results of the one or more network devicesperforming the retention policy audit.

According to another aspect of the invention, a computer-implementedmethod is provided for deleting electronic documents on network devices.Document retention policy data is received at each of a plurality ofnetwork devices over a communications network from a document retentionpolicy manager executing on another network device. The documentretention policy data specifies one or more deletion criteria for eachof a plurality of electronic document classifications. An instruction toconduct a retention policy audit is received at each of the plurality ofnetwork devices from the document retention policy manager executing onthe another network device. In response to receiving the instruction ateach of the plurality of network devices, an audit processor on each ofthe plurality of network devices causing the retention policy audit tobe conducted by identifying, from the plurality of electronic documentclassifications, one or more electronic document classifications forwhich the corresponding one or more deletion criteria are satisfied, anddeleting one or more electronic documents associated with the identifiedone or more electronic document classifications. The audit processorsalso cause audit report data to be generated that indicates results ofperforming the retention policy audit and cause the audit report data tobe provided to the document retention policy manager over thecommunications network.

BRIEF DESCRIPTION OF THE DRAWINGS

In the figures of the accompanying drawings like reference numeralsrefer to similar elements.

FIG. 1 is a block diagram that depicts an arrangement for deletingelectronic documents using a document retention policy according to anembodiment of the invention.

FIG. 2 is a table that depicts example document retention policy data.

FIG. 3 depicts an example implementation of document retention policymanager.

FIG. 4 is a block diagram that depicts an example implementation ofsecure system.

FIG. 5 depicts a file information table, in accordance with anembodiment of the invention.

FIG. 6 is a flow diagram that depicts an approach for deletingelectronic documents using a document retention policy according to anembodiment of the invention.

FIG. 7 is a block diagram of a computer system on which embodiments ofthe invention may be implemented.

DETAILED DESCRIPTION

In the following description, for the purposes of explanation, numerousspecific details are set forth in order to provide a thoroughunderstanding of the present invention. It will be apparent, however, toone skilled in the art that the present invention may be practicedwithout these specific details. In other instances, well-knownstructures and devices are shown in block diagram form in order to avoidunnecessarily obscuring the present invention. Various aspects of theinvention are described hereinafter in the following sections:

-   -   I. OVERVIEW    -   II. ELECTRONIC DOCUMENT MANAGEMENT ARCHITECTURE    -   III. DOCUMENT RETENTION POLICIES    -   IV. CREATING, MAINTAINING AND DISTRIBUTING DOCUMENT RETENTION        POLICIES    -   V. ENFORCING A DOCUMENT RETENTION POLICY USING AUDITS    -   VI. IMPLEMENTATION MECHANISMS        I. Overview

An approach is provided for deleting electronic documents on networkdevices using a document retention policy. The document retention policyspecifies one or more deletion criteria for documents belonging to eachof a plurality of document classifications. For example, the documentretention policy may specify that documents belonging to a particulardocument classification are to be deleted after a specified time, at aspecified time or in response to the occurrence of a particular event.The document retention policy is defined by document retention policydata that is managed by a document retention policy manager. Thedocument retention policy manager disseminates the document retentionpolicy data to one or more network elements over a communicationsnetwork. The document retention policy manager determines whether aretention policy audit should be performed. If so, then the documentretention policy manager signals the one or more network elements toconduct a retention policy audit. The network elements are configured toconduct the retention policy audit by deleting electronic documents inaccordance with the document retention policy. The one or more networkelements are further configured to generate and provide to the documentretention policy manager report data that indicates results ofperforming the retention policy audit.

II. Electronic Document Management Architecture

FIG. 1 is a block diagram that depicts an arrangement 100 for deletingelectronic documents using a document retention policy according to anembodiment of the invention. Arrangement 100 includes a secure system102, a workstation 104, a multifunction peripheral (MFP) 106, a personalcomputer 108 and a document retention policy manager 110 communicativelycoupled to a network 112. Network 112 may be implemented by anymechanism or medium that provides for the exchange of informationbetween the elements depicted in FIG. 1. Examples of network 112include, without limitation, a network such as a Local Area Network(LAN), Wide Area Network (WAN), Ethernet or the Internet, or one or moreterrestrial, satellite or wireless links. Although the various elementsare depicted in FIG. 1 as being external to network 112, any of theseelements may be implemented within network 112, depending upon therequirements of a particular implementation.

Secure system 102 is a system configured to maintain data in a securemanner. For example, secure system 102 may include a gateway or othermechanism for controlling access to data stored in secure system 102.Workstation 104 is any type of workstation and MFP 106 is any devicethat performs one or more functions, such as printing, copying,facsimile or scanning. Personal computer 108 is any type of personalcomputer.

Although embodiments of the invention are described herein in thecontext of managing documents on secure system 102, workstation 104, MFP106 and personal computer 108, the approach for managing documents isapplicable to a wide variety of devices. Other example devices include,without limitation, wired or wireless devices such as personal digitalassistants (PDAs), portable or laptop computers and other networkdevices.

III. Document Retention Polices

According to one embodiment of the invention, a document retentionpolicy specifies one or more deletion criteria for a plurality ofelectronic document classifications. FIG. 2 is a table 200 that depictsexample document retention policy data. FIG. 2 depicts the documentretention policy data organized in tabular format for explanationpurposes only and the document retention policy data may be stored inany type of data structure or format, depending upon the requirements ofa particular implementation. Furthermore, document retention policy data122 is not limited to the example data depicted in table 200 and mayinclude fewer data types or more data types than depicted in FIG. 2,depending upon the requirements of a particular implementation.

In the example depicted in FIG. 2, table 200 includes a documentclassification column, a deletion criteria column, a document typecolumn (“O”=official; “P”=private) and a classification descriptioncolumn. Each row of table 200 specifies a retention policy for aparticular document classification. For example, the documentclassification L1 pertains to meeting records and has a documentretention policy that specifies that documents in this classificationare to be deleted after five years. In this example, the “L” in thedocument classification “L1” refers to a legal requirement where thelength of retention is specified by law. As another example, thedocument classification C4 pertains to project “A” data and has adocument retention policy that specifies that documents in thisclassification are to be deleted after the project has been completed.In this example, the “C” in the document classification “C4” refers to acorporate standard.

Any number and types of document classifications and deletion criteriamay be used, depending upon the requirements of a particularimplementation, and the invention is not limited to any particularnumber or types of document classifications or deletion criteria. Forexample, as described above, the deletion criteria may specify a timeduration that may be applied on a document-by-document basis, based uponthe creation date or storage date of the electronic documents. Asanother example, the deletion criteria may specify a date certain atwhich all constituent documents of an electronic document classificationare to be deleted. As another example, the deletion criteria may specifythat all documents associated with an electronic document classificationare to be deleted in response to the occurrence of an event. Exampleevents include a notification from administrative personnel and thecompletion of a project, as described above.

IV. Creating, Maintaining and Distributing Document Retention Polices

According to one embodiment of the invention, document retention policymanager 110 provides for the creation and management of documentretention policies that are defined by document retention policy data.FIG. 3 depicts an example implementation of document retention policymanager 110. In this example, document retention policy manager 110 isconfigured with a graphical user interface (GUI) 300, a retention policyeditor 302 and a retention policy auditor 304. Document retention policymanager 110 also includes document retention policy data 306, auditschedule data 308 and audit report data 310. Document retention policydata 306 is described in this section, while audit schedule data 308 andaudit report data 310 are described in later sections.

Retention policy editor 302 is configured to allow users to create,store and manage document retention policies via GUI 300. For example,retention policy editor 302 allows users to create document retentionpolicy data 306, such as the document retention policy data contained intable 200, through the use of various editing controls. This mayinclude, for example, allowing a user to edit “raw” document retentionpolicy data 306 or display one or more templates on GUI 300 and allowthe user to enter data into available fields. Alternatively, a user mayretrieve existing document retention policy data 306 from a storagemedium. Users may then edit and store the document retention policy data306. Users may also use the editing controls provided by retentionpolicy editor 302 to delete document retention policy data 306. Documentretention policy data 306 may be stored in a volatile memory, such as arandom access memory (RAM), and/or stored on a non-volatile memory suchas one or more disks, optical media or tape.

According to one embodiment of the invention, document retention policymanager 110 is configured to distribute document retention policy data306 to secure system 102, workstation 104, MFP 106 and personal computer108. Document retention policy manager 110 may be configured toautomatically provide document retention policy data 306 to thoseelements that require the data. Document retention policy manager 110may be configured to query secure system 102, workstation 104, MFP 106and personal computer 108 to determine which of these elements requiresdocument retention policy data 306. Alternatively, these elements mayrequest document retention policy data 306 from document retentionpolicy manager 110. Furthermore, retention policy auditor 304 may beconfigured to provide document retention policy data 306 to securesystem 102, workstation 104, MFP 106 and personal computer 108 inresponse to document retention policy data 306 being updated. Forexample, suppose that a user updates document retention policy data 306using retention policy editor 302. An administrator may determine thatdocument retention policy data 306 needs to be updated to reflect achange in a document retention policy. According to one embodiment ofthe invention, retention policy auditor 304 is configured toautomatically detect that document retention policy data 306 has beenupdated and provide the updated document retention policy data 306 tosecure system 102, workstation 104, MFP 106 and personal computer 108.

V. Enforcing a Document Retention Policy Using Audits

Document retention policy manager 110 is configured to enforce documentretention policies using audits. According to one embodiment of theinvention, retention policy auditor 304 is configured to signal one ormore of secure system 102, workstation 104, MFP 106 and personalcomputer 108 to perform an audit. Retention policy auditor 304 may causeaudits to be performed in response to user input. For example,administrative personnel may indicate, via GUI 300, that a retentionpolicy audit is to be performed. Retention policy auditor 304 may alsocause audits to be performed based upon a schedule specified by auditschedule data 308. In response to receiving the signal to conduct aretention policy audit from retention policy auditor 304, each of theseelements conducts an audit. For purposes of explanation, the auditprocess is described herein with respect secure system 102, although theapproach is applicable to the other elements depicted in FIG. 1.,namely, workstation 104, MFP 106 and personal computer 108, as well asany other type of element.

FIG. 4 is a block diagram that depicts an example implementation ofsecure system 102. In this example, secure system 102 includes a GUI400, a document manager 402, an audit processor 404, a file classifier406, a file handler 408 and an operating system 410. Secure system 102also includes document retention policy data 306, received from documentretention policy manager 110, a file information table 412 and auditreport data 414. GUI 400 may be implemented by any mechanism that allowssecure system 102 to convey information to a user. Document manager 402performs a variety of document management tasks for secure system 102.For example, document manager 402 interacts with document retentionpolicy manager 110 to coordinate the request and/or receipt of documentretention policy data 306.

According to one embodiment of the invention, when secure system 102receives an audit signal from document retention policy manager 110,document manager 402 provides the audit signal to audit processor 404.Audit processor 404 examines document retention policy data 306 toidentify document classifications for which the corresponding deletioncriteria have been satisfied. For example, if at least one year haselapsed since document classification C3 was activated, then thedeletion criteria are satisfied and electronic documents associated withdocument classification C3 are to be deleted. Audit processor 404 thenidentifies documents stored on secure system 102 that are associatedwith document classification C3 and causes the identified documents tobe deleted from secure system 102. In situations where a file cannot bedeleted because it is no longer located on secure system, then auditprocessor 404 indicates this fact in report data provided to documentretention policy manager 110. This situation may occur, for example, ifa data file was stored on a removable media, such as a floppy disk, aremovable disk drive or a portable storage device. The use of reportdata is described in more detail hereinafter.

According to one embodiment of the invention, audit processor 404 uses afile information table, such as the file information table 500 depictedin FIG. 5, to determine which documents are associated with a particulardocument classification. File information table 500 includes data thatindicates, for each electronic document, a file name, a creation data, alocation and a classification. The file name is the name of the filethat contains the electronic document. The classification is the same asthe document classification from table 200. The creation date is thecreation date of the file that contains the electronic document. Thecreation date is useful for identifying particular electronic documentsto be deleted on a document-by-document basis. For example, a particulardocument classification may have associated deletion criteria thatspecify deletion after one year from creation date of the document. Inthis situation, different electronic documents that have differentcreation dates, although all associated with the same particulardocument classification, are deleted at different times because of theirdifferent creation dates. The location indicates whether the file isstored locally on the particular element or on a removable storagemedia. For example, an “L” indicates that a particular electronicdocument is stored locally on secure system 102, while an “R” indicatesthat the particular electronic document is stored on a removable mediaor at another location.

According to one embodiment of the invention, document manager 402manages the creation and maintenance of file information table 500.Document manager 402 operates in conjunction with file handler 408 tocreate and populate file information table 500. For example, filehandler 408 detects that a save or copy command has been issued tooperating system 410 and in response, creates an entry in fileinformation table 500 for the file that was saved or copied. Filehandler 408 may also detect that a file name has been changed and updatethe corresponding file name in file information table 500. Fileclassifier 406 then interacts with a user through GUI 400 to obtain theclassification for each file, or to copy the classification of theoriginal file, in the case of a file copy.

After performing a retention policy audit, audit processor 404 causesthe generation of audit report data 414 that indicates results ofperforming the audit. For example, audit report data 414 may indicatefiles that were deleted in response to deletion criteria beingsatisfied. Audit report data 414 may also indicate files that could notbe deleted, for example, because the files are located on removablemedia. Audit processor 404 then causes the audit report data 414 to beprovided to document retention policy manager 110.

FIG. 6 is a flow diagram 600 that depicts an approach for deletingelectronic documents using a document retention policy according to anembodiment of the invention. In step 602, initial or updated documentretention policy data is provided to network devices. For example,document retention policy manager 110 provides document retention policydata 306 to secure system 102, workstation 104, MFP 106 and personalcomputer 108 when these devices are initially put into service, and thenat other times when document retention policy data 306 is updated.

In step 604, a determination is made whether a retention policy auditshould be performed. For example, as described herein, retention policyauditor 304 may determine that a retention policy audit is to beperformed in response to user input, based upon audit schedule data 308,or some other criteria.

In step 606, if a retention policy audit is to be performed, then thenetwork devices are signaled to perform a retention policy audit. Forexample, policy auditor 304 signals the audit processor 404 on eachnetwork device. In step 608, the network devices perform the retentionpolicy audit. For example, the audit processor 404 in each networkdevice performs the retention policy audit.

In step 610 the network devices generate and provide report data thatindicates results of performing the retention policy audit. For example,the audit processor 404 on each network device causes report data to begenerated and provided to document retention policy manager 110.

VI. Implementation Mechanisms

The approach described herein for deleting electronic documents using adocument retention policy is applicable to any type of data and not justelectronic documents. For example, the approach is applicable to emails,message data and audio/video data.

FIG. 7 is a block diagram that illustrates a computer system 700 uponwhich an embodiment of the invention may be implemented. Computer system700 includes a bus 702 or other communication mechanism forcommunicating information, and a processor 704 coupled with bus 702 forprocessing information. Computer system 700 also includes a main memory706, such as a random access memory (RAM) or other dynamic storagedevice, coupled to bus 702 for storing information and instructions tobe executed by processor 704. Main memory 706 also may be used forstoring temporary variables or other intermediate information duringexecution of instructions to be executed by processor 704. Computersystem 700 further includes a read only memory (ROM) 708 or other staticstorage device coupled to bus 702 for storing static information andinstructions for processor 704. A storage device 710, such as a magneticdisk or optical disk, is provided and coupled to bus 702 for storinginformation and instructions.

Computer system 700 may be coupled via bus 702 to a display 712, such asa cathode ray tube (CRT), for displaying information to a computer user.An input device 714, including alphanumeric and other keys, is coupledto bus 702 for communicating information and command selections toprocessor 704. Another type of user input device is cursor control 716,such as a mouse, a trackball, or cursor direction keys for communicatingdirection information and command selections to processor 704 and forcontrolling cursor movement on display 712. This input device typicallyhas two degrees of freedom in two axes, a first axis (e.g., x) and asecond axis (e.g., y), that allows the device to specify positions in aplane.

The invention is related to the use of computer system 700 or an MFPwith a similar structure for implementing the techniques describedherein. According to one embodiment of the invention, those techniquesare performed by computer system 700 in response to processor 704executing one or more sequences of one or more instructions contained inmain memory 706. Such instructions may be read into main memory 706 fromanother machine-readable medium, such as storage device 710. Executionof the sequences of instructions contained in main memory 706 causesprocessor 704 to perform the process steps described herein. Inalternative embodiments, hard-wired circuitry may be used in place of orin combination with software instructions to implement the invention.Thus, embodiments of the invention are not limited to any specificcombination of hardware circuitry and software.

The term “machine-readable medium” as used herein refers to any mediumthat participates in providing data that causes a machine to operationin a specific fashion. In an embodiment implemented using computersystem 700, various machine-readable media are involved, for example, inproviding instructions to processor 704 for execution. Such a medium maytake many forms, including but not limited to, non-volatile media,volatile media, and transmission media. Non-volatile media includes, forexample, optical or magnetic disks, such as storage device 710. Volatilemedia includes dynamic memory, such as main memory 706. Transmissionmedia includes coaxial cables, copper wire and fiber optics, includingthe wires that comprise bus 702. Transmission media can also take theform of acoustic or light waves, such as those generated duringradio-wave and infra-red data communications.

Common forms of machine-readable media include, for example, a floppydisk, a flexible disk, hard disk, magnetic tape, or any other magneticmedium, a CD-ROM, any other optical medium, punchcards, papertape, anyother physical medium with patterns of holes, a RAM, a PROM, and EPROM,a FLASH-EPROM, any other memory chip or cartridge, a carrier wave asdescribed hereinafter, or any other medium from which a computer canread.

Various forms of machine-readable media may be involved in carrying oneor more sequences of one or more instructions to processor 704 forexecution. For example, the instructions may initially be carried on amagnetic disk of a remote computer. The remote computer can load theinstructions into its dynamic memory and send the instructions over atelephone line using a modem. A modem local to computer system 700 canreceive the data on the telephone line and use an infra-red transmitterto convert the data to an infra-red signal. An infra-red detector canreceive the data carried in the infra-red signal and appropriatecircuitry can place the data on bus 702. Bus 702 carries the data tomain memory 706, from which processor 704 retrieves and executes theinstructions. The instructions received by main memory 706 mayoptionally be stored on storage device 710 either before or afterexecution by processor 704.

Computer system 700 or an MFP with a similar structure also includes acommunication interface 718 coupled to bus 702. Communication interface718 provides a two-way data communication coupling to a network link 720that is connected to a local network 722. For example, communicationinterface 718 may be an integrated services digital network (ISDN) cardor a modem to provide a data communication connection to a correspondingtype of telephone line. As another example, communication interface 718may be a local area network (LAN) card to provide a data communicationconnection to a compatible LAN. Wireless links may also be implemented.In any such implementation, communication interface 718 sends andreceives electrical, electromagnetic or optical signals that carrydigital data streams representing various types of information.

Network link 720 typically provides data communication through one ormore networks to other data devices. For example, network link 720 mayprovide a connection through local network 722 to a host computer 724 orto data equipment operated by an Internet Service Provider (ISP) 726.ISP 726 in turn provides data communication services through the worldwide packet data communication network now commonly referred to as the“Internet” 728. Local network 722 and Internet 728 both use electrical,electromagnetic or optical signals that carry digital data streams. Thesignals through the various networks and the signals on network link 720and through communication interface 718, which carry the digital data toand from computer system 700, are exemplary forms of carrier wavestransporting the information.

Computer system 700 can send messages and receive data, includingprogram code, through the network(s), network link 720 and communicationinterface 718. In the Internet example, a server 730 might transmit arequested code for an application program through Internet 728, ISP 726,local network 722 and communication interface 718. The received code maybe executed by processor 704 as it is received, and/or stored in storagedevice 710, or other non-volatile storage for later execution. In thismanner, computer system 700 may obtain application code in the form of acarrier wave.

In the foregoing specification, embodiments of the invention have beendescribed with reference to numerous specific details that may vary fromimplementation to implementation. Thus, the sole and exclusive indicatorof what is, and is intended by the applicants to be, the invention isthe set of claims that issue from this application, in the specific formin which such claims issue, including any subsequent correction. Hence,no limitation, element, property, feature, advantage or attribute thatis not expressly recited in a claim should limit the scope of such claimin any way. The specification and drawings are, accordingly, to beregarded in an illustrative rather than a restrictive sense.

1. A computer-implemented method for deleting electronic documents onnetwork devices, the computer-implemented method comprising: retrievingdocument retention policy data that specifies one or more deletioncriteria for each of a plurality of electronic document classifications;transmitting the document retention policy data to one or more networkdevices over a communications network; determining whether a retentionpolicy audit should be conducted; and if the retention policy auditshould be conducted, then signaling the one or more network devices tocause the one or more network devices to perform the retention policyaudit, wherein performing the retention policy audit includesidentifying, from the plurality of electronic document classifications,one or more electronic document classifications for which thecorresponding one or more deletion criteria are satisfied, and deletingone or more electronic documents associated with the identified one ormore electronic document classifications, and receiving, from the one ormore network devices, audit report data that indicates results of theone or more network devices performing the retention policy audit. 2.The computer-implemented method as recited in claim 1, wherein thedeletion criteria include a time duration for each of the plurality ofelectronic document classifications.
 3. The computer-implemented methodas recited in claim 1, wherein the deletion criteria include a deletiontime for each of the plurality of electronic document classifications.4. The computer-implemented method as recited in claim 1, wherein thedeletion criteria include the occurrence of one or more events.
 5. Thecomputer-implemented method as recited in claim 1, further comprisingallowing a user to create and edit the document retention policy data.6. The computer-implemented method as recited in claim 1, whereinproviding the document retention policy data to one or more networkdevices is performed in response to the document retention policy databeing updated.
 7. The computer-implemented method as recited in claim 1,wherein determining whether a retention policy audit should be conductedincludes determining whether user input has been received indicatingthat the retention policy audit should be conducted.
 8. Thecomputer-implemented method as recited in claim 1, wherein determiningwhether a retention policy audit should be conducted includesdetermining whether audit schedule data indicates that the retentionpolicy audit should be conducted.
 9. The computer-implemented method asrecited in claim 1, wherein the audit report data indicates whether oneor more data files could be deleted.
 10. A computer-readable medium fordeleting electronic documents on network devices, the computer-readablemedium carrying instructions which, when executed by one or moreprocessors, cause: retrieving document retention policy data thatspecifies one or more deletion criteria for each of a plurality ofelectronic document classifications; transmitting the document retentionpolicy data to one or more network devices over a communicationsnetwork; determining whether a retention policy audit should beconducted; and if the retention policy audit should be conducted, thensignaling the one or more network devices to cause the one or morenetwork devices to perform the retention policy audit, whereinperforming the retention policy audit includes identifying, from theplurality of electronic document classifications, one or more electronicdocument classifications for which the corresponding one or moredeletion criteria are satisfied, and deleting one or more electronicdocuments associated with the identified one or more electronic documentclassifications, and receiving, from the one or more network devices,audit report data that indicates results of the one or more networkdevices performing the retention policy audit.
 11. The computer-readablemedium as recited in claim 10, wherein the deletion criteria include atime duration for each of the plurality of electronic documentclassifications.
 12. The computer-readable medium as recited in claim10, wherein the deletion criteria include a deletion time for each ofthe plurality of electronic document classifications.
 13. Thecomputer-readable medium as recited in claim 10, wherein the deletioncriteria include the occurrence of one or more events.
 14. Thecomputer-readable medium as recited in claim 10, further comprisingadditional instructions which, when executed by the one or moreprocessors, causes allowing a user to create and edit the documentretention policy data allowing a user to create and edit the documentretention policy data.
 15. The computer-readable medium as recited inclaim 10, wherein providing the document retention policy data to one ormore network devices is performed in response to the document retentionpolicy data being updated.
 16. The computer-readable medium as recitedin claim 10, wherein determining whether a retention policy audit shouldbe conducted includes determining whether user input has been receivedindicating that the retention policy audit should be conducted.
 17. Thecomputer-readable medium as recited in claim 10, wherein determiningwhether a retention policy audit should be conducted includesdetermining whether audit schedule data indicates that the retentionpolicy audit should be conducted.
 18. The computer-readable medium asrecited in claim 10, wherein the audit report data indicates whether oneor more data files could be deleted.
 19. An apparatus for deletingelectronic documents on network devices, the apparatus comprising: oneor more processors; and a memory communicatively coupled to the one ormore processors and storing one or more instructions which, whenexecuted by the one or more processors, cause retrieving documentretention policy data that specifies one or more deletion criteria foreach of a plurality of electronic document classifications; transmittingthe document retention policy data to one or more network devices over acommunications network; determining whether a retention policy auditshould be conducted; and if the retention policy audit should beconducted, then signaling the one or more network devices to cause theone or more network devices to perform the retention policy audit,wherein performing the retention policy audit includes identifying, fromthe plurality of electronic document classifications, one or moreelectronic document classifications for which the corresponding one ormore deletion criteria are satisfied, and deleting one or moreelectronic documents associated with the identified one or moreelectronic document classifications, and receiving, from the one or morenetwork devices, audit report data that indicates results of the one ormore network devices performing the retention policy audit.
 20. Theapparatus as recited in claim 19, wherein the deletion criteria includea time duration for each of the plurality of electronic documentclassifications.
 21. The apparatus as recited in claim 19, wherein thedeletion criteria include a deletion time for each of the plurality ofelectronic document classifications.
 22. The apparatus as recited inclaim 19, wherein the deletion criteria include the occurrence of one ormore events.
 23. The apparatus as recited in claim 19, wherein thememory further stores additional instructions which, when executed bythe one or more processors, causes allowing a user to create and editthe document retention policy data.
 24. The apparatus as recited inclaim 19, wherein providing the document retention policy data to one ormore network devices is performed in response to the document retentionpolicy data being updated.
 25. The apparatus as recited in claim 19,wherein determining whether a retention policy audit should be conductedincludes determining whether user input has been received indicatingthat the retention policy audit should be conducted.
 26. The apparatusas recited in claim 19, wherein determining whether a retention policyaudit should be conducted includes determining whether audit scheduledata indicates that the retention policy audit should be conducted. 27.The apparatus as recited in claim 19, wherein the audit report dataindicates whether one or more data files could be deleted.
 28. Acomputer-implemented method for deleting electronic documents on networkdevices, the computer-implemented method comprising: receiving at eachof a plurality of network devices over a communications network,document retention policy data from a document retention policy managerexecuting on another network device, wherein the document retentionpolicy data specifies one or more deletion criteria for each of aplurality of electronic document classifications; receiving, at each ofthe plurality of network devices from the document retention policymanager executing on the another network device, an instruction toconduct a retention policy audit; and in response to receiving theinstruction at each of the plurality of network devices, an auditprocessor on each of the plurality of network devices causing theretention policy audit to be conducted by identifying, from theplurality of electronic document classifications, one or more electronicdocument classifications for which the corresponding one or moredeletion criteria are satisfied, and deleting one or more electronicdocuments associated with the identified one or more electronic documentclassifications; causing audit report data to be generated thatindicates results of performing the retention policy audit, and causingthe audit report data to be provided to the document retention policymanager over the communications network.
 29. The computer-implementedmethod as recited in claim 28, wherein the deletion criteria include atime duration for each of the plurality of electronic documentclassifications.
 30. The computer-implemented method as recited in claim28, wherein the deletion criteria include a deletion time for each ofthe plurality of electronic document classifications.
 31. Thecomputer-implemented method as recited in claim 28, wherein the deletioncriteria include the occurrence of one or more events.
 32. Thecomputer-implemented method as recited in claim 28, wherein the documentretention policy manager on each of the plurality of network devices isconfigured to allow a user to specify which of the plurality ofelectronic document classifications each of a plurality of electronicdocuments belongs to.
 33. The computer-implemented method as recited inclaim 28, wherein the audit report data indicates whether one or moredata files could be deleted.
 34. A computer-readable medium for deletingelectronic documents on network devices, the computer-readable mediumcarrying instructions which, when executed by one or more processors,cause: receiving at each of a plurality of network devices over acommunications network, document retention policy data from a documentretention policy manager executing on another network device, whereinthe document retention policy data specifies one or more deletioncriteria for each of a plurality~of electronic document classifications;receiving, at each of the plurality of network devices from the documentretention policy manager executing on the another network device, aninstruction to conduct a retention policy audit; and in response toreceiving the instruction at each of the plurality of network devices,an audit processor on each of the plurality of network devices causingthe retention policy audit to be conducted by identifying, from theplurality of electronic document classifications, one or more electronicdocument classifications for which the corresponding one or moredeletion criteria are satisfied, and deleting one or more electronicdocuments associated with the identified one or more electronic documentclassifications; causing audit report data to be generated thatindicates results of performing the retention policy audit, and causingthe audit report data to be provided to the document retention policymanager over the communications network.
 35. The computer-readablemedium as recited in claim 34, wherein the deletion criteria include atime duration for each of the plurality of electronic documentclassifications.
 36. The computer-readable medium as recited in claim34, wherein the deletion criteria include a deletion time for each ofthe plurality of electronic document classifications.
 37. Thecomputer-readable medium as recited in claim 34, wherein the deletioncriteria include the occurrence of one or more events.
 38. Thecomputer-readable medium as recited in claim 34, wherein the documentretention policy manager on each of the plurality of network devices isconfigured to allow a user to specify which of the plurality ofelectronic document classifications each of a plurality of electronicdocuments belongs to.
 39. The computer-readable medium as recited inclaim 34, wherein the audit report data indicates whether one or moredata files could be deleted.
 40. An apparatus for deleting electronicdocuments on network devices, the apparatus comprising: one or moreprocessors; and a memory communicatively coupled to the one or moreprocessors and storing instructions which, when executed by the one ormore processors, cause receiving at each of a plurality of networkdevices over a communications network, document retention policy datafrom a document retention policy manager executing on another networkdevice, wherein the document retention policy data specifies one or moredeletion criteria for each of a plurality of electronic documentclassifications; receiving, at each of the plurality of network devicesfrom the document retention policy manager executing on the anothernetwork device, an instruction to conduct a retention policy audit; andin response to receiving the instruction at each of the plurality ofnetwork devices, an audit processor on each of the plurality of networkdevices causing the retention policy audit to be conducted byidentifying, from the plurality of electronic document classifications,one or more electronic document classifications for which thecorresponding one or more deletion criteria are satisfied, and deletingone or more electronic documents associated with the identified one ormore electronic document classifications; causing audit report data tobe generated that indicates results of performing the retention policyaudit, and causing the audit report data to be provided to the documentretention policy manager over the communications network.
 41. Theapparatus as recited in claim 40, wherein the deletion criteria includea time duration for each of the plurality of electronic documentclassifications.
 42. The apparatus as recited in claim 40, wherein thedeletion criteria include a deletion time for each of the plurality ofelectronic document classifications.
 43. The apparatus as recited inclaim 40, wherein the deletion criteria include the occurrence of one ormore events.
 44. The apparatus as recited in claim 40, wherein thedocument retention policy manager on each of the plurality of networkdevices is configured to allow a user to specify which of the pluralityof electronic document classifications each of a plurality of electronicdocuments belongs to.
 45. The apparatus as recited in claim 40, whereinthe audit report data indicates whether one or more data files could bedeleted.